feat: Add Karpenter v1beta1 compatibility (#2800)
* feat: Add Karpenter v1beta1 compatibility * fix: Update to make changes opt-in * fix: Update resource schemas to align with latest Karpenter version - validated and working as intended --------- Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com>
committed by
GitHub
parent
69eb4569b9
commit
aec2bab1d8
@@ -160,10 +160,9 @@ module "karpenter" {
|
||||
cluster_name = module.eks.cluster_name
|
||||
irsa_oidc_provider_arn = module.eks.oidc_provider_arn
|
||||
|
||||
# Used to attach additional IAM policies to the Karpenter controller IRSA role
|
||||
# policies = {
|
||||
# "xxx" = "yyy"
|
||||
# }
|
||||
# In v0.32.0/v1beta1, Karpenter now creates the IAM instance profile
|
||||
# so we disable the Terraform creation and add the necessary permissions for Karpenter IRSA
|
||||
enable_karpenter_instance_profile_creation = true
|
||||
|
||||
# Used to attach additional IAM policies to the Karpenter node IAM role
|
||||
iam_role_additional_policies = {
|
||||
@@ -182,51 +181,38 @@ resource "helm_release" "karpenter" {
|
||||
repository_username = data.aws_ecrpublic_authorization_token.token.user_name
|
||||
repository_password = data.aws_ecrpublic_authorization_token.token.password
|
||||
chart = "karpenter"
|
||||
version = "v0.29.0"
|
||||
version = "v0.32.1"
|
||||
|
||||
set {
|
||||
name = "settings.aws.clusterName"
|
||||
value = module.eks.cluster_name
|
||||
}
|
||||
|
||||
set {
|
||||
name = "settings.aws.clusterEndpoint"
|
||||
value = module.eks.cluster_endpoint
|
||||
}
|
||||
|
||||
set {
|
||||
name = "serviceAccount.annotations.eks\\.amazonaws\\.com/role-arn"
|
||||
value = module.karpenter.irsa_arn
|
||||
}
|
||||
|
||||
set {
|
||||
name = "settings.aws.defaultInstanceProfile"
|
||||
value = module.karpenter.instance_profile_name
|
||||
}
|
||||
|
||||
set {
|
||||
name = "settings.aws.interruptionQueueName"
|
||||
value = module.karpenter.queue_name
|
||||
}
|
||||
values = [
|
||||
<<-EOT
|
||||
settings:
|
||||
clusterName: ${module.eks.cluster_name}
|
||||
clusterEndpoint: ${module.eks.cluster_endpoint}
|
||||
interruptionQueueName: ${module.karpenter.queue_name}
|
||||
serviceAccount:
|
||||
annotations:
|
||||
eks.amazonaws.com/role-arn: ${module.karpenter.irsa_arn}
|
||||
EOT
|
||||
]
|
||||
}
|
||||
|
||||
resource "kubectl_manifest" "karpenter_provisioner" {
|
||||
resource "kubectl_manifest" "karpenter_node_class" {
|
||||
yaml_body = <<-YAML
|
||||
apiVersion: karpenter.sh/v1alpha5
|
||||
kind: Provisioner
|
||||
apiVersion: karpenter.k8s.aws/v1beta1
|
||||
kind: EC2NodeClass
|
||||
metadata:
|
||||
name: default
|
||||
spec:
|
||||
requirements:
|
||||
- key: karpenter.sh/capacity-type
|
||||
operator: In
|
||||
values: ["spot"]
|
||||
limits:
|
||||
resources:
|
||||
cpu: 1000
|
||||
providerRef:
|
||||
name: default
|
||||
ttlSecondsAfterEmpty: 30
|
||||
amiFamily: AL2
|
||||
role: ${module.karpenter.role_name}
|
||||
subnetSelectorTerms:
|
||||
- tags:
|
||||
karpenter.sh/discovery: ${module.eks.cluster_name}
|
||||
securityGroupSelectorTerms:
|
||||
- tags:
|
||||
karpenter.sh/discovery: ${module.eks.cluster_name}
|
||||
tags:
|
||||
karpenter.sh/discovery: ${module.eks.cluster_name}
|
||||
YAML
|
||||
|
||||
depends_on = [
|
||||
@@ -234,23 +220,39 @@ resource "kubectl_manifest" "karpenter_provisioner" {
|
||||
]
|
||||
}
|
||||
|
||||
resource "kubectl_manifest" "karpenter_node_template" {
|
||||
resource "kubectl_manifest" "karpenter_node_pool" {
|
||||
yaml_body = <<-YAML
|
||||
apiVersion: karpenter.k8s.aws/v1alpha1
|
||||
kind: AWSNodeTemplate
|
||||
apiVersion: karpenter.sh/v1beta1
|
||||
kind: NodePool
|
||||
metadata:
|
||||
name: default
|
||||
spec:
|
||||
subnetSelector:
|
||||
karpenter.sh/discovery: ${module.eks.cluster_name}
|
||||
securityGroupSelector:
|
||||
karpenter.sh/discovery: ${module.eks.cluster_name}
|
||||
tags:
|
||||
karpenter.sh/discovery: ${module.eks.cluster_name}
|
||||
template:
|
||||
spec:
|
||||
nodeClassRef:
|
||||
name: default
|
||||
requirements:
|
||||
- key: "karpenter.k8s.aws/instance-category"
|
||||
operator: In
|
||||
values: ["c", "m", "r"]
|
||||
- key: "karpenter.k8s.aws/instance-cpu"
|
||||
operator: In
|
||||
values: ["4", "8", "16", "32"]
|
||||
- key: "karpenter.k8s.aws/instance-hypervisor"
|
||||
operator: In
|
||||
values: ["nitro"]
|
||||
- key: "karpenter.k8s.aws/instance-generation"
|
||||
operator: Gt
|
||||
values: ["2"]
|
||||
limits:
|
||||
cpu: 1000
|
||||
disruption:
|
||||
consolidationPolicy: WhenEmpty
|
||||
consolidateAfter: 30s
|
||||
YAML
|
||||
|
||||
depends_on = [
|
||||
helm_release.karpenter
|
||||
kubectl_manifest.karpenter_node_class
|
||||
]
|
||||
}
|
||||
|
||||
@@ -292,7 +294,7 @@ resource "kubectl_manifest" "karpenter_example_deployment" {
|
||||
|
||||
module "vpc" {
|
||||
source = "terraform-aws-modules/vpc/aws"
|
||||
version = "~> 4.0"
|
||||
version = "~> 5.0"
|
||||
|
||||
name = local.name
|
||||
cidr = local.vpc_cidr
|
||||
|
||||
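Review bot: The comment added above `enable_karpenter_instance_profile_creation = true` in the `module "karpenter"` hunk says Terraform creation is disabled, while the argument reads as enabling something, and it does not make clear that the setting widens the IAM permissions of the controller's IRSA role. That role is assumed by the Karpenter pod through the `eks.amazonaws.com/role-arn` service-account annotation set in the `helm_release` hunk, so the comment should state the trade-off, for example `# Karpenter v0.32+/v1beta1 creates the node instance profile itself: skip the Terraform-managed profile and grant the controller IRSA role the IAM instance-profile permissions it needs`. The sub-module's policy is not visible on this page, so it is worth confirming that those permissions, and any pass-role grant for `module.karpenter.role_name` referenced by the EC2NodeClass, are scoped to that node role and not to a wildcard resource. The `module "karpenter"` block starts and ends outside the hunk.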